Search This Blog

Sunday, May 21, 2017

Tier to AWS Cloud Using Starwind Cloud VTL and Veeam

In this post, we are going to explore on how Starwind Cloud VTL and Veeam are better together for transfer backup data to AWS Public Cloud.

Concept is simple: Veeam B&R uses StarWind Virtual Tape Library (VTL) to store backup files as emulated tapes in local cache and then VTL replicates these tapes to Amazon S3/Glacier. Amazon S3 Standard - Infrequent Access for long-lived, but less frequently accessed data, and Amazon Glacier for long-term archive.

The main StarWind advantage is performance; It writes backup files to local cache ten times faster than native Amazon VTL.

Let have a quick look on how the product in action...

To start, you can download Starwind Cloud VTL for AWS from here. Install the VTL on any VM/Veeam Backup Server.

Configure Starwind VTL:-

  • Add VTL Device
  • Specify the VTL store location
  • Select Device to Emulate. It will emulate HP MSL8096
  • Create new tape or fill up the empty tape.
  • You can only specify LTO 4 or LTO 5 (max size 1.5TB per tape)

Get AWS Account. For testing, you can sign up for Free Tier (up to a year) from

  • Create a user (example:- vtladmin)
  • Get an access key and secret access key
  • Assign user to a group - AmazonS3FullAccess and AmazonGlacierFullAccess

Create S3 bucket. Point to region that you want.
I've selected Asia Pacific (Singapore).

 Configure Starwind VTL

Next step is configure Cloud Replication.

  • Define Access Key ID (refer to setting that you've on above step)
  • Define Secret Access Key
  • Define Region 
  • Define Bucket
Note:- Asia Pacific Region does not transition data from S3 to Glacier. Select other region if you want to tier to Glasier.

Specify your tape file retention settings:-

A. When start replication to cloud when tape moved from drive.
-can be immediate
-never replicate (offline)
- set days

B. Acton after data has replicated to cloud for local copy
- delete immediately
- never delete (local copy available)
- set days

C. Action when move to Glacier

 Now infrastructure is ready, Time to mounting VTL on backup host using iscsi initiator

  • Enter iscsi target where you've installed Starwind VTL

Download latest driver from

On Veeam Backup Server

  • Perform rescan tape libraries
  • New tape library has added "HP MSL G3 Series 1070" with up to 4 drives & 96 tape available.
  • Make Tape as free
  • Create Simple Media Pool or GFS media pool (depend on your requirement)

Testing by create File to Tape Job
  • Tick Use Microsoft VSS
  • Eject media upon completion
  • Eject Export current media upon job completion
  • Run backup 

You can view tape backup status

After backup complete, tape will automatically moved to Media "Offline". You can view the content that you've backup previously.

On Starwind Management Console:-

  • Tape has moved to Offline Shelf
  • Tape indicated Local - None, Cloud - Yes. Mean local copy has removed and replicated to Cloud

On S3 bucket, able to view VTL tape that has successful replicated.

Testing restore by getting tape from AWS S3

  • On Offline Shelf, click the tape & select download.
  • Tape status - Local -Yes, Cloud - Yes . (mean has downloaded and able on local)
  • Tapes listed on Tapes

On Veeam B & R, inventory the tape. It will loaded into one of emulated drives.
Lastly, Restore. You can see your content and perform any recovery from the tape.

Starwind Cloud VTL for AWS benefits:-

  • Implementation of Disk-to-Disk-to-Cloud (D2D2C) backup strategy
  • Veeam Ready solution
  • Ability to “tier” backups between cloud storage with different performance and efficiency characteristics for maintaining low cost per GB without compromising RTO.

Give it a try. The product is now available for use. You can get Starwind VTL trial license and evaluate for 30 days.

Good Luck on your testing!

Tuesday, May 16, 2017

Last Line of Defense Against WannaCry Ransomware - Part 2

This blog post is continue from Part 1 -

In previous post, we have talked about 3-2-1 rules. For an additional protection, we added 3-2-1-1-0

3- Ensure you have at least three copies of your data
2- Use at least two different media to store the backup
1- Keep at least one copy of your backup offsite
1- Keep at least one copy as offline
0 - Perform verification to ensure no error.

This round we will focus on using Veeam Backup & Replication to recover from infection.

Based on live map on the WannaCry infection (last update on 16 May 2017-9.41pm) , up to date around 374K computer has infected.

If you're using Veeam to protect your Vmware or Hyper-V, then you can use this features to perform recovery

1. Initiate Instant VM Recovery
By using Veeam, you can bring up a system within 2 minutes by mounting the backup data using Veeam patented technology "vPower" to hypervisor.

2. Use Veeam Explorer to view healthy or unhealthy files.
By using Veeam Explorer, you can view before restore. Other legacy backup require you to restore restore point in order to identify the health of the file (encrypt/normal)

Sample of infected file by WannaCry. Pop up appear requesting user to pay ransom in order to decrypt the file. Latest ransom is $600. File is unreadable as it has encrypted.

Without restoring file, use Veeam Explorer to identify file which is healthy. File which is healthy is readable. Once identify it, you can start restoration process.

3. Failover to replicated VM
Replica VM is offline and safe from WannaCry. You can select restore point to failover to replicated VM.

4. Use On Demand Sandbox
Use Veeam to create a virtual lab from the backup data. Without restore backup data into staging server, backup data from Veeam repository can be mounted to hypervisor using Veeam vPower into an isolated environment.

Perform verification to ensure zero error by using Surebackup Job. Then you can leave the VM running so you can perform testing on the VM. Below screenshot refer to VM running on Virtual Lab.

5. Restore from Tape
Tape is offline media. Therefore your backup data store in tape is safe from WannaCry infection.
You can restore backup data from tape.

Hope this guide assist you on recover from WannaCry infection.

Good Luck!

Saturday, May 13, 2017

Last Line of Defense Against WannaCry Ransomware -Part 1

Oh no!

On 12 May 2017, WannaCry began affecting computers worldwide. After gaining access to the computers, the ransomware encrypts the computer's hard disk drive, then attempts to exploit the SMB vulnerability to spread to random computers on the Internet, and "laterally" between computers on the same LAN.

This virus demand $300 for decryption.

Please don't pay them!

Next, do you think having an antivirus is sufficient to protect your environment?
Well, i don't agreed on it. Nowaday malware is smart and none antivirus can guarantee 100% protection. But i don't say that antivirus is NOT require.

Antivirus program is a MUST.

But you still need to look at other vulnerability such as Microsoft operating system vulnerability especially on older version.

All of these play an important roles:- antivirus, operating system, firewall, network security,etc.

Let me share some of content that I've have presented recently on how to avoid "Ransomware attack".

Here is the guidelines on how to avoid ransomware attack:
0. Antivirus must have. :) Almost all antivirus vendors have already been added signatures to protect against this latest threat. Make sure you are using a good antivirus, and keep it always up-to-date.
1. Keep Windows up to date. 
On March 14 Microsoft published a security update that fixes this vulnerability and it is available through Windows Update. 

Please install all the latest Windows updates on all of your PCs, laptops and VMs as soon as possible.

2. Perform a threat analysis with your security team

3. Train staff on cyber security practices on:
a. Not opening attachments or links from unknown sources
b. Inform employees if a virus reaches the company network.

4. Backup all information every day

5. Backup all information to a secure, offsite location

Apply 3-2-1 rule to ransonware protection

3- Ensure you have at least three copies of your data
2- Use at least two different media to store the backup
1- Keep at least one copy of your backup offsite & offline

It's better safe than sorry.

My journey protection on my laptop start by installing Veeam Agent for Windows (VAW) -Workstation Edition. Then, perform backup on my entire computer & protect my important files including Dropbox to External hard disk. It is not safe to put backup on local disk & my shared folder.

VAW has CryptoLocker(ransomware trojan) protection. It will eject external hard disk once backup completed. In case your laptop is infected by WannaCry, then you know where to get a safe copy from.

I've followed step 0-5 & feel more secured .
 How about you? Are you protected?

Protect your laptop/server before ransomware attack. If you're interested to read more, please check out on recent ebook which consist of 40 pages : "Conversational Ransomware Defense Survival".
Click on below image to download free ebook.

We will look on virtualization protection against ransomware on - Part 2 - Click here

Stay Tuned!

Azure Mobile App

During Build 2017, Microsoft has released an Azure Mobile App for IOS and Android.

The Microsoft Azure app helps you keep track of your resources while on-the-go:
- Stay connected to the cloud and check status and critical metrics anytime, anywhere
- Stay informed with notifications and alerts about important health issues 
- Stay in control of your resources and take corrective actions, like starting and stopping VMs and web apps

Here are the screenshot of the app:-

Download the app "Microsoft Azure" from iTunes or Google Play

Enter azure credential

View Azure failure on the notification

On Resource, you can view Azure resources that you've provision.

Click the "star" to set the resources as Favorite

Click on Favorite to easily access the resources

On Compute Virtual machines, you can stop, start & connect to virtual machines.

App name:- Microsoft Azure

To download:-

Android -